NFS installation - file permissions - Windows vs Bubba vs Ubuntu

From BubbaWiki
Jump to: navigation, search

This howto aims to provide instruction to the installation of the NFS (for linux). As well as some guidance in user rights issues that may arise between for example Ubuntu-computers and Windows-computers that are simultaneous clients to the same Bubba-files.

NFS-Installation

The NFS-installation at Bubba allows file-sharing from Bubba to Linux clients at your Local Area Network (LAN). The installation are pretty straight forward, and is probably better explained elsewhere, but here is a short version:

Short version

Setting up the bubba server

Log in to your bubba using SSH

ssh 192.168.10.1 // means your bubba ip-address at your local network
// you are asked for your username and password

Change your user to root:

su root // your will be prompted for bubba password = excito 

Now install the NFS server packages:

apt-get install nfs-kernel-server nfs-common portmap

After installation you will have to edit your NFS-export options (this is the file that tells Bubba what files to export at your LAN:

nano /etc/exports

How to use the nano text editor is explained here.

In the exports file you can export with variants of the following options (this is an example that will work):

/home/username 192.168.10.0/24(rw,async,root_squash,no_subtree_check)
/home/storage 192.168.10.0/24(rw,async,root_squash,no_subtree_check) 

This will be typical options, a google for "nfs howtos" or so will give you guides to the different options for rw, async and so on.

This link might be a good start:

https://help.ubuntu.com/10.04/serverguide/C/network-file-system.html

After saving, start exporting the directories with the command:

exportfs -a


Exit your ssh connection to bubba .

exit  // twice from root

The linux-client:

At the Ubuntu client computer you can now run this command in a terminal window:

sudo mount 192.168.10.1:/home/storage /home/username/bubba_storage

Where the ip is your Bubba. The "bubba_storage" in the command over is your direcory chosen on your local Ubuntu client. Of course make sure it exists.

Or you can mount at every startup. Then edit the /etc/fstab

sudo gedit /etc/fstab

with adding the following line:

192.168.10.1:/home/storage /home/username/bubba_storage nfs rw,hard,intr 0 0
 

File permission issues

If you access your bubba from a windows-computer, then you are accessing your bubba home directory through the samba file sharing system. You can easily use samba system through Ubuntu too. Just go to "network" using nautilus. But this does not give you the nice file sharing environment in Ubuntu as NFS wil allow you. Not to mention some file-saving options in different applications/programs does not access samba shared directories.

You might, for example, experience the following problem: files saved through windows/samba have other user rights than the files saved directly from Ubuntu through NFS. It might be that you can only read but not save files that were first saved from Ubuntu and then opened in the windows-computer, and so on..

If you use only Linux, you might find that you save files in the shared Ubuntu-folder as your regular Ubuntu user, but they end up as admin-owner in bubba ...

Why does this happen?

Try the following: Log in to Bubba and do the following command:

cat /etc/passwd 

You will among several others find a line with your username:

admin:x:1000:1000:Administrator:/home/admin:/usr/sbin/nologin 
username:x:1001:100:Your User Name:/home/username:/bin/bash 

Now try the same command at your Ubuntu-computer:

cat /etc/passwd

You might  find the line:

username:x:1000:1000:Your User Name,,,:/home/username:/bin/bash

As you now can see, Your User Name at the Ubuntu-client might have the same usernumber as Administrator at Bubba.

So this is the reason why files saved as username-owner from nfs-client are converted to admin-owner when reaching Bubba, and then explains why they will not be writable when you open them through the windows/samba-connection.

Solution

Your will have to make sure the numbers are identical throughout the linux-network. The first number are the user-id, the second are the group-id.

So on Bubba in the example over: 1001="username", 100=the "users"-group.

An easy way?

Yes there is an easier way:

If you feel comfortable on your local LAN, and perhaps are the only user, you can also export your bubba home-directory with the following options:

Log in to Bubba using ssh.

Change user to root.

nano /etc/exports

Change the export line to:

/home/username 192.168.10.9/24(rw,async,all_squash,no_subtree_check,anonuid=1001,anongid=100)

Remember:

exportfs -a

Explanation: 

The "anonuid" tells bubba that all files saved to this directory should have the "anonymous" user-id 1001, this is as you will remember identical to the one listed in /etc/passwd over, so make sure it is identical to your user-id listed in bubbas /etc/passwd . The "anongid"-option tells bubba in same way that all files saved in this directory have the anonyomus group-id 100.

This will then override the clients (Ubuntu's) user-id and group-id when accessing the exported nfs-directory. You can of course export several different directories on your LAN, each with different user-id's,  according to several different user id's as listed in /etc/passwd at bubba. Then you can use different fstab options on each client.

Securiy issues with this "easy way":

If the client-user have root access to the client computer, he/she could easily mount someone elses account to his/her home-directory with full access.

If you are the only user at the LAN, there is no problems, and this is the easy way to avoid the problem.